fixed some issues from sonar
[portal.git] / ecomp-portal-BE-common / src / main / java / org / onap / portalapp / portal / controller / RoleManageController.java
index b50d1cf..ead2ee9 100644 (file)
@@ -4,17 +4,19 @@
  * ===================================================================
  * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
  * ===================================================================
- * Modifications Copyright (c) 2019 Samsung
+ * Modifications Copyright (c) 2019 Samsung 
  * ===================================================================
+ * Modifications Copyright (c) 2020 IBM
+ * =================================================================== 
  *
  * Unless otherwise specified, all software contained herein is licensed
- * under the Apache License, Version 2.0 (the "License");
+ * under the Apache License, Version 2.0 (the "License"); 
  * you may not use this software except in compliance with the License.
  * You may obtain a copy of the License at
- *
+ * 
  *             http://www.apache.org/licenses/LICENSE-2.0
  *
- * Unless required by applicable law or agreed to in writing, software
+ * Unless required by applicable law or agreed to in writing, software 
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
@@ -46,10 +48,8 @@ import java.util.List;
 import java.util.Map;
 import java.util.Set;
 import java.util.TreeSet;
-
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
-
 import javax.validation.ConstraintViolation;
 import javax.validation.Valid;
 import javax.validation.Validation;
@@ -97,11 +97,10 @@ import org.springframework.context.annotation.EnableAspectJAutoProxy;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RestController;
 import org.springframework.web.servlet.ModelAndView;
-
 import com.fasterxml.jackson.databind.DeserializationFeature;
 import com.fasterxml.jackson.databind.JsonNode;
 import com.fasterxml.jackson.databind.ObjectMapper;
@@ -157,7 +156,7 @@ public class RoleManageController extends EPRestrictedBaseController {
         * @throws Exception
         */
 
-       @RequestMapping(value = { "/portalApi/get_roles/{appId}" }, method = RequestMethod.GET)
+       @GetMapping(value = { "/portalApi/get_roles/{appId}" })
        public void getRoles(HttpServletRequest request, HttpServletResponse response, @PathVariable("appId") Long appId)
                        throws Exception {
                try {
@@ -186,7 +185,7 @@ public class RoleManageController extends EPRestrictedBaseController {
                }
        }
 
-       @RequestMapping(value = { "/portalApi/role_list/toggleRole/{appId}/{roleId}" }, method = RequestMethod.POST)
+       @PostMapping(value = { "/portalApi/role_list/toggleRole/{appId}/{roleId}" })
        public Map<String, Object> toggleRole(HttpServletRequest request, HttpServletResponse response,
                        @PathVariable("appId") Long appId, @PathVariable("roleId") Long roleId) throws Exception {
                EPApp requestedApp = null;
@@ -230,7 +229,7 @@ public class RoleManageController extends EPRestrictedBaseController {
                return responseMap;
        }
 
-       @RequestMapping(value = { "/portalApi/role_list/removeRole/{appId}/{roleId}" }, method = RequestMethod.POST)
+       @PostMapping(value = { "/portalApi/role_list/removeRole/{appId}/{roleId}" })
        public Map<String, Object> removeRole(HttpServletRequest request, HttpServletResponse response,
                        @PathVariable("appId") Long appId, @PathVariable("roleId") Long roleId) throws Exception {
 
@@ -296,7 +295,7 @@ public class RoleManageController extends EPRestrictedBaseController {
                return responseMap;
        }
 
-       @RequestMapping(value = { "/portalApi/role/saveRole/{appId}" }, method = RequestMethod.POST)
+       @PostMapping(value = { "/portalApi/role/saveRole/{appId}" })
        public Map<String, Object> saveRole(HttpServletRequest request, HttpServletResponse response,
                        @PathVariable("appId") Long appId) throws Exception {
                EPUser user = EPUserUtils.getUserSession(request);
@@ -333,7 +332,7 @@ public class RoleManageController extends EPRestrictedBaseController {
                                                        if (existRole.getName().equalsIgnoreCase(role.getName()))
                                                                throw new DuplicateRecordException("Role already exists: " + existRole.getName());
 
-                                               domainRole = new CentralV2Role();
+                        domainRole = new CentralV2Role.CentralV2RoleBuilder().createCentralV2Role();
                                                domainRole.setName(role.getName());
                                                domainRole.setPriority(role.getPriority());
                                                domainRole.setActive(role.getActive());
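Review bot: The replacement line `domainRole = new CentralV2Role.CentralV2RoleBuilder().createCentralV2Role();` is indented differently from the setter calls that follow it, so the block no longer lines up. The builder is also created and finished without setting anything, and the fields are then filled through `setName`, `setPriority` and `setActive`, so it adds a step without the validation or immutability a builder is normally used for. If the builder exposes matching methods, pass the values through it; otherwise the plain constructor reads more directly. The enclosing method starts and ends outside the hunk.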
@@ -418,29 +417,29 @@ public class RoleManageController extends EPRestrictedBaseController {
                return responseMap;
        }
 
-       @RequestMapping(value = { "/portalApi/role/removeRoleFunction" }, method = RequestMethod.POST)
+       @PostMapping(value = { "/portalApi/role/removeRoleFunction" })
        public ModelAndView removeRoleRoleFunction(HttpServletRequest request, HttpServletResponse response)
                        throws Exception {
                return getRoleController().removeRoleFunction(request, response);
        }
 
-       @RequestMapping(value = { "/portalApi/role/addRoleFunction" }, method = RequestMethod.POST)
+       @PostMapping(value = { "/portalApi/role/addRoleFunction" })
        public ModelAndView addRoleRoRoleFunction(HttpServletRequest request, HttpServletResponse response)
                        throws Exception {
                return getRoleController().addRoleFunction(request, response);
        }
 
-       @RequestMapping(value = { "/portalApi/role/removeChildRole" }, method = RequestMethod.POST)
+       @PostMapping(value = { "/portalApi/role/removeChildRole" })
        public ModelAndView removeChildRole(HttpServletRequest request, HttpServletResponse response) throws Exception {
                return getRoleController().removeChildRole(request, response);
        }
 
-       @RequestMapping(value = { "/portalApi/role/addChildRole" }, method = RequestMethod.POST)
+       @PostMapping(value = { "/portalApi/role/addChildRole" })
        public ModelAndView addChildRole(HttpServletRequest request, HttpServletResponse response) throws Exception {
                return getRoleController().addChildRole(request, response);
        }
 
-       @RequestMapping(value = { "/portalApi/get_role/{appId}/{roleId}" }, method = RequestMethod.GET)
+       @GetMapping(value = { "/portalApi/get_role/{appId}/{roleId}" })
        public void getRole(HttpServletRequest request, HttpServletResponse response, @PathVariable("appId") Long appId,
                        @PathVariable("roleId") Long roleId) throws Exception {
                try {
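Review bot: The four delegating handlers in this hunk (`removeRoleRoleFunction`, `addRoleRoRoleFunction`, `removeChildRole`, `addChildRole`) pass the request straight to `getRoleController()` without the `isAuthorizedUser(user, requestedApp)` check that `saveRoleFunction` performs, and nothing here says where authorization is enforced. If the delegate enforces it, record that above each mapping with a comment such as `// Authorization is enforced by the controller returned from getRoleController()`. If it does not, these role-mutating POST endpoints need a check of their own. `addRoleRoRoleFunction` also looks like a typo in the method name. The body of `getRole` continues outside the hunk.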
@@ -474,7 +473,7 @@ public class RoleManageController extends EPRestrictedBaseController {
                }
        }
 
-       @RequestMapping(value = { "/portalApi/get_role_functions/{appId}" }, method = RequestMethod.GET)
+       @GetMapping(value = { "/portalApi/get_role_functions/{appId}" })
        public void getRoleFunctionList(HttpServletRequest request, HttpServletResponse response,
                        @PathVariable("appId") Long appId) throws Exception {
                try {
@@ -505,7 +504,7 @@ public class RoleManageController extends EPRestrictedBaseController {
                }
        }
 
-       @RequestMapping(value = { "/portalApi/role_function_list/saveRoleFunction/{appId}" }, method = RequestMethod.POST)
+       @PostMapping(value = { "/portalApi/role_function_list/saveRoleFunction/{appId}" })
        public PortalRestResponse<String> saveRoleFunction(HttpServletRequest request, HttpServletResponse response, @Valid @RequestBody CentralV2RoleFunction roleFunc,
                        @PathVariable("appId") Long appId) throws Exception {
                if (roleFunc!=null) {
@@ -517,13 +516,14 @@ public class RoleManageController extends EPRestrictedBaseController {
                                return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, "Data is not valid", "ERROR");
                        }
                }
+
                EPUser user = EPUserUtils.getUserSession(request);
                boolean saveOrUpdateResponse = false;
                try {
                        EPApp requestedApp = appService.getApp(appId);
                        if (isAuthorizedUser(user, requestedApp)) {
                                fieldsValidation(requestedApp);
-                               if (requestedApp.getCentralAuth()) {
+                               if (requestedApp.getCentralAuth() && roleFunc!=null) {
                                        String code = roleFunc.getType() + PIPE + roleFunc.getCode() + PIPE + roleFunc.getAction();
                                        CentralV2RoleFunction domainRoleFunction = externalAccessRolesService.getRoleFunction(code,
                                                        requestedApp.getUebKey());
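Review bot: The added `roleFunc!=null` test on the `getCentralAuth()` branch means a request without a body now skips both the validation block above and the central-auth branch, and what the handler returns in that case is decided outside this hunk. Rejecting the null body up front is clearer than threading null checks through the method: `if (roleFunc == null) { return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, "Data is not valid", "ERROR"); }` placed before the validator runs. That makes the failure explicit and removes the risk of a later dereference of `roleFunc` in the part of the method not shown here.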
@@ -601,7 +601,7 @@ public class RoleManageController extends EPRestrictedBaseController {
                }
        }
 
-       @RequestMapping(value = { "/portalApi/role_function_list/removeRoleFunction/{appId}" }, method = RequestMethod.POST)
+       @PostMapping(value = { "/portalApi/role_function_list/removeRoleFunction/{appId}" })
        public PortalRestResponse<String> removeRoleFunction(HttpServletRequest request, HttpServletResponse response,
                        @RequestBody String roleFunc, @PathVariable("appId") Long appId) throws Exception {
                EPUser user = EPUserUtils.getUserSession(request);
@@ -678,8 +678,8 @@ public class RoleManageController extends EPRestrictedBaseController {
                return new PortalRestResponse<>(PortalRestStatusEnum.OK, "Deleted Successfully!", "Success");
        }
 
-       @RequestMapping(value = { "/portalApi/centralizedApps" }, method = RequestMethod.GET)
-       public List<CentralizedApp> getCentralizedAppRoles(HttpServletRequest request, HttpServletResponse response, String userId) throws IOException {
+       @GetMapping(value = { "/portalApi/centralizedApps" })
+       public List<CentralizedApp> getCentralizedAppRoles(HttpServletRequest request, HttpServletResponse response, String userId) {
                if(userId!=null) {
                        SecureString secureString = new SecureString(userId);
 
@@ -691,6 +691,7 @@ public class RoleManageController extends EPRestrictedBaseController {
                                return null;
                        }
                }
+
                EPUser user = EPUserUtils.getUserSession(request);
                List<CentralizedApp> applicationsList = null;
                if (adminRolesService.isAccountAdmin(user) || adminRolesService.isSuperAdmin(user)
@@ -720,7 +721,7 @@ public class RoleManageController extends EPRestrictedBaseController {
                this.roleController = roleController;
        }
 
-       @RequestMapping(value = { "/portalApi/syncRoles" }, method = RequestMethod.POST, produces = "application/json")
+       @PostMapping(value = { "/portalApi/syncRoles" }, produces = "application/json")
        public PortalRestResponse<String> syncRoles(HttpServletRequest request, HttpServletResponse response,
                        @RequestBody Long appId) {
                EPUser user = EPUserUtils.getUserSession(request);
@@ -742,7 +743,7 @@ public class RoleManageController extends EPRestrictedBaseController {
                return new PortalRestResponse<>(PortalRestStatusEnum.OK, "Sync roles completed successfully!", "Success");
        }
 
-       @RequestMapping(value = { "/portalApi/syncFunctions" }, method = RequestMethod.POST, produces = "application/json")
+       @PostMapping(value = { "/portalApi/syncFunctions" }, produces = "application/json")
        public PortalRestResponse<String> syncFunctions(HttpServletRequest request, HttpServletResponse response,
                        @RequestBody Long appId) {
                EPUser user = EPUserUtils.getUserSession(request);
@@ -817,7 +818,7 @@ public class RoleManageController extends EPRestrictedBaseController {
 
        private boolean isAuthorizedUser(EPUser user, EPApp requestedApp) {
                if (user != null && (adminRolesService.isAccountAdminOfApplication(user, requestedApp)
-                               || (adminRolesService.isSuperAdmin(user) && requestedApp.getId() == PortalConstants.PORTAL_APP_ID)))
+                               || (adminRolesService.isSuperAdmin(user) && requestedApp.getId().equals(PortalConstants.PORTAL_APP_ID))))
                        return true;
                return false;
        }
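Review bot: With `requestedApp.getId().equals(PortalConstants.PORTAL_APP_ID)` this authorization decision now depends on the declared type of the constant, which is not visible here. If `PORTAL_APP_ID` is not a `Long`, `equals` on the boxed argument is always false and the super-admin path is silently closed. The expression also dereferences `requestedApp` and `getId()` without a null check, so an unknown `appId` would presumably surface as a NullPointerException instead of a denial. A null-tolerant comparison by value avoids both: `requestedApp != null && requestedApp.getId() != null && requestedApp.getId().longValue() == PortalConstants.PORTAL_APP_ID`. The `if (...) return true; return false;` shape can then collapse into a single `return`.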
@@ -827,8 +828,8 @@ public class RoleManageController extends EPRestrictedBaseController {
                response.getWriter().write("Unauthorized User");
        }
 
-       @RequestMapping(value = {
-                       "/portalApi/uploadRoleFunction/{appId}" }, method = RequestMethod.POST, produces = "application/json")
+       @PostMapping(value = {
+                       "/portalApi/uploadRoleFunction/{appId}" }, produces = "application/json")
        public PortalRestResponse<String> bulkUploadRoleFunc(HttpServletRequest request, HttpServletResponse response,
                        @RequestBody UploadRoleFunctionExtSystem data, @PathVariable("appId") Long appId) {
                EPUser user = EPUserUtils.getUserSession(request);
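Review bot: The `data` body of `bulkUploadRoleFunc` is bound as `@RequestBody UploadRoleFunctionExtSystem data` without `@Valid`, whereas `saveRoleFunction` in this file declares `@Valid @RequestBody` and also runs a validator before use. If `UploadRoleFunctionExtSystem` carries constraint annotations, declaring the parameter as `@Valid @RequestBody UploadRoleFunctionExtSystem data` would keep the two upload paths consistent. If it is validated by hand further down, a short comment saying so would help the next reader. The method body continues outside the hunk, so any validation there is not visible.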